Title

Author

Abstract

Providing security in passive RFID systems has gained significant attention due to their widespread use. Research has focused on providing both location and data privacy through mutual authentication between the readers and tags. In such systems, each party is responsible of verifying the identity of the other party with whom it is communicating. For such a task to succeed, the tags and readers are initialized with shared secret information which is updated after a successful authentication session. Ownership management, which includes transfer and delegation, builds upon mutual authentication. Here, the use of security in RFID is extended to encompass the more practical case where a tagged item is shifted from one owner to another. As such, we propose a new authentication and ownership management protocol that is compliant with the EPC Class-1 Generation-2 Version 2 standard. The protocol is formally analyzed and successfully implemented on hardware. The implementation shows that the use of such protocol adds security with little added overhead in terms of communication and computation.